Summary of Modsec-advlearn: Countering Adversarial Sql Injections with Robust Machine Learning, by Biagio Montaruli et al.
ModSec-AdvLearn: Countering Adversarial SQL Injections with Robust Machine Learning
by Biagio Montaruli, Giuseppe Floris, Christian Scano, Luca Demetrio, Andrea Valenza, Luca Compagna, Davide Ariu, Luca Piras, Davide Balzarotti, Battista Biggio
First submitted to arxiv on: 9 Aug 2023
Categories
- Main: Machine Learning (cs.LG)
- Secondary: Cryptography and Security (cs.CR)
GrooveSquid.com Paper Summaries
GrooveSquid.com’s goal is to make artificial intelligence research accessible by summarizing AI papers in simpler terms. Each summary below covers the same AI paper, written at different levels of difficulty. The medium difficulty and low difficulty versions are original summaries written by GrooveSquid.com, while the high difficulty version is the paper’s original abstract. Feel free to learn from the version that suits you best!
| Summary difficulty | Written by | Summary |
|---|---|---|
| High | Paper authors | High Difficulty Summary Read the original abstract here |
| Medium | GrooveSquid.com (original content) | Medium Difficulty Summary The paper proposes a novel approach to improving the detection of SQL injection attacks in Web Application Firewalls (WAFs) by leveraging machine learning and adversarial training. The authors highlight the limitations of existing WAF configurations, which are often manually defined and prone to false alarms and lack robustness against adversarial attacks. To address these issues, they propose two main contributions: automating the selection of CRS rules and their weights based on monitored web services, and using adversarial training to improve robustness against SQLi manipulations. The authors demonstrate the effectiveness of their approach, called ModSec-AdvLearn, in increasing detection rates while retaining low false alarm rates and improving robustness by up to 85%. They release their open-source code for further development. |
| Low | GrooveSquid.com (original content) | Low Difficulty Summary The paper shows how to make Web Application Firewalls (WAFs) better at stopping bad attacks. WAFs are like superheroes that protect websites from hackers. Right now, many WAFs use a set of rules called the OWASP Core Rule Set (CRS) to block bad requests. But this system has some big flaws: it’s not very good at finding all the bad requests and it can be tricked by clever hackers. The authors propose two ways to fix these problems. First, they suggest using machine learning to pick the right rules and weights for each website. This will make the WAF more effective at catching bad requests. Second, they show how to train the WAF to be stronger against hacking attempts that try to trick it. Their approach, called ModSec-AdvLearn, works really well and can stop up to 85% of sneaky attacks. |
Keywords
* Artificial intelligence * Machine learning
